Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/KIGmlyPNO_YfKrw7FBBis9OeajY.roa
File: KIGmlyPNO_YfKrw7FBBis9OeajY.roa (raw, json)
Hash identifier: O7ehcQ9GtvGBhdFd9ZbJnqpPxdxb02yspHor9n9KHd8=
Subject key identifier: 28:81:A6:97:23:CD:3B:F6:1F:2A:BC:3B:14:10:62:B3:D3:9E:6A:36
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0193AB052B14B2C3290D9675238016DFA222
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/KIGmlyPNO_YfKrw7FBBis9OeajY.roa
Signing time: Mon 09 Dec 2024 10:44:22 +0000
ROA not before: Mon 09 Dec 2024 10:44:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 31.56.86.0/24 maxlen: 24
31.56.105.0/24 maxlen: 24
31.56.112.0/24 maxlen: 24
31.57.162.0/23 maxlen: 23
31.57.164.0/23 maxlen: 23
31.57.180.0/24 maxlen: 24
31.58.41.0/24 maxlen: 24
31.58.42.0/24 maxlen: 24
31.58.48.0/24 maxlen: 24
31.58.50.0/23 maxlen: 24
31.58.56.0/23 maxlen: 24
31.58.64.0/23 maxlen: 24
31.58.136.0/24 maxlen: 24
31.58.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Dec 2024 13:13:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ab:05:2b:14:b2:c3:29:0d:96:75:23:80:16:df:a2:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Dec 9 10:44:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2881a69723cd3bf61f2abc3b141062b3d39e6a36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e7:b2:17:d5:2f:2f:56:4f:22:a8:bc:ec:9a:
c1:d1:ac:1f:d9:a5:de:6d:c3:a1:00:ce:a2:69:d3:
eb:2a:44:9c:98:2c:0e:ca:d5:7d:0a:c1:94:6f:e4:
97:59:d3:f1:a9:f8:7d:a1:ab:4f:87:a9:23:f5:31:
55:85:e8:e5:01:82:65:fa:5d:b7:61:33:03:40:a9:
53:5f:27:fd:1e:d6:59:8a:49:ee:0b:05:a9:d4:b0:
3a:2d:1f:08:cf:75:9b:2d:fc:b3:6e:9a:04:28:4d:
a0:d7:05:73:e5:02:66:3e:dd:fa:bb:4c:1a:d4:c5:
87:c6:64:50:39:86:68:37:b2:86:f7:30:64:64:c1:
f1:73:2e:a6:d6:41:79:19:42:5a:97:f9:04:90:b2:
1f:61:4f:da:74:fa:95:63:08:e5:19:fe:8d:b6:cd:
ca:92:ff:66:fd:e9:61:aa:9f:64:27:d5:7c:88:be:
b1:ef:34:32:12:01:a3:9f:8c:a8:11:85:63:82:d5:
aa:08:6c:bc:77:05:38:04:37:16:3c:0d:63:22:ed:
98:06:57:07:98:57:af:cc:da:9c:82:6b:c0:53:bd:
57:14:b2:e2:0b:1b:3b:0f:2c:28:db:08:12:fb:a9:
fa:7a:0c:17:7d:ae:10:f4:75:df:f2:1e:fd:2b:3b:
84:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:81:A6:97:23:CD:3B:F6:1F:2A:BC:3B:14:10:62:B3:D3:9E:6A:36
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/KIGmlyPNO_YfKrw7FBBis9OeajY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.86.0/24
31.56.105.0/24
31.56.112.0/24
31.57.162.0-31.57.165.255
31.57.180.0/24
31.58.41.0-31.58.42.255
31.58.48.0/24
31.58.50.0/23
31.58.56.0/23
31.58.64.0/23
31.58.136.0/24
31.58.153.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:ae:75:d2:2f:20:bc:1c:c0:5e:95:40:14:78:f7:eb:9e:07:
ef:25:d2:39:c7:a4:cc:8c:2d:db:76:fc:b8:21:3b:c8:54:e6:
b7:e5:91:1f:ee:e7:7e:62:06:d3:b0:59:b9:a8:e7:51:6c:c8:
22:3a:70:59:dc:0d:3e:ee:c7:ea:79:f1:51:58:03:57:1f:4b:
42:36:a4:1a:55:dc:d8:90:bd:23:de:53:70:6b:9e:52:bc:d6:
3c:b9:04:22:bc:50:22:fa:a7:5e:60:cd:aa:c4:e8:0b:0e:f9:
e3:0e:f1:eb:e4:50:8c:9b:2c:9f:34:0a:60:71:38:63:03:e7:
55:29:1b:e3:ff:fc:bf:a7:c7:89:1b:4b:ca:89:77:49:df:fc:
0b:4d:90:9a:67:77:bd:f8:36:4f:34:51:fa:56:eb:c5:7c:eb:
c7:ff:13:27:83:1c:69:bd:8e:42:61:6a:00:43:7b:01:c1:17:
2a:6e:90:37:e7:26:01:58:3e:11:cf:57:14:92:c5:1d:60:52:
a2:86:21:de:26:79:75:72:e0:0e:d6:70:a0:14:c6:a6:8c:b4:
05:f2:b7:16:2a:8b:25:d8:61:3c:83:41:0a:94:80:70:d4:3c:
d3:9e:80:fb:db:11:c8:f3:ea:72:44:5c:b8:df:43:b9:49:ea:
ac:08:4a:45
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZOrBSsUssMpDZZ1I4AW36IiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMjA5MTA0NDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODgxYTY5NzIzY2QzYmY2MWYyYWJjM2IxNDEwNjJiM2QzOWU2YTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOeyF9UvL1ZPIqi87JrB0awf2aXe
bcOhAM6iadPrKkScmCwOytV9CsGUb+SXWdPxqfh9oatPh6kj9TFVhejlAYJl+l23
YTMDQKlTXyf9HtZZiknuCwWp1LA6LR8Iz3WbLfyzbpoEKE2g1wVz5QJmPt36u0wa
1MWHxmRQOYZoN7KG9zBkZMHxcy6m1kF5GUJal/kEkLIfYU/adPqVYwjlGf6Nts3K
kv9m/elhqp9kJ9V8iL6x7zQyEgGjn4yoEYVjgtWqCGy8dwU4BDcWPA1jIu2YBlcH
mFevzNqcgmvAU71XFLLiCxs7Dywo2wgS+6n6egwXfa4Q9HXf8h79KzuElwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFCiBppcjzTv2Hyq8OxQQYrPTnmo2MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvS0lHbWx5UE5PX1lmS3J3N0ZCQmlzOU9lYWpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQAHzhWAwQA
HzhpAwQAHzhwMAwDBAEfOaIDBAEfOaQDBAAfObQwDAMEAB86KQMEAB86KgMEAB86
MAMEAR86MgMEAR86OAMEAR86QAMEAB86iAMEAB86mTANBgkqhkiG9w0BAQsFAAOC
AQEAta510i8gvBzAXpVAFHj3654H7yXSOcekzIwt23b8uCE7yFTmt+WRH+7nfmIG
07BZuajnUWzIIjpwWdwNPu7H6nnxUVgDVx9LQjakGlXc2JC9I95TcGueUrzWPLkE
IrxQIvqnXmDNqsToCw754w7x6+RQjJssnzQKYHE4YwPnVSkb4//8v6fHiRtLyol3
Sd/8C02Qmmd3vfg2TzRR+lbrxXzrx/8TJ4Mcab2OQmFqAEN7AcEXKm6QN+cmAVg+
Ec9XFJLFHWBSooYh3iZ5dXLgDtZwoBTGpoy0BfK3FiqLJdhhPINBCpSAcNQ8056A
+9sRyPPqckRcuN9DuUnqrAhKRQ==
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:47:10 2025 by rpki-client